OpenStack Keystone LDAP integration

user_allow_create, user_allow_update and user_allow_delete duplicated in configuration file

Bug #1827043 reported by Giuseppe Petralia
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Keystone LDAP integration
Won't Fix
Undecided
Unassigned

Bug Description

keystone-ldap revision 13

When specifying the following params using

juju config keystone-ldap ldap-config-flags='{ user_allow_create: False, user_allow_update: False, user_allow_delete: False}'

the configuration file generated contained duplicated entries for them:

[ldap]
...

user_allow_create = False
user_allow_update = False
user_allow_delete = False

...
# User supplied configuration flags
...
user_allow_create = False
user_allow_update = False
user_allow_delete = False
...

[identity]
driver = ldap

To workaround that I had to remove them from ldap-config-flags and the configuration file was correctly generated specifying these params only once.

Revision history for this message
Sahid Orentino (sahid-ferdjaoui) wrote :

Those options are deprecated but I think if you want to configure LDAP in that way, Instead of using ldap-config-flags you should use ldap-readonly [0].

https://github.com/openstack/charm-keystone/blob/master/config.yaml#L254

Revision history for this message
Sahid Orentino (sahid-ferdjaoui) wrote :

Since the options are deprecated in favor of cs:keystone-ldap subordinate charm, we probably have no plans to fix that. I'm marking the bug as won't fix. Please update the status if you feel that is necessary. Thanks.

Changed in charm-keystone-ldap:
status: New → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.